diff --git a/tools/itssecurity/.vs/itssecurity/v16/.suo b/tools/itssecurity/.vs/itssecurity/v16/.suo
index 1903076bf08e60eeebade7c6856d27c9b5be255e..cfbd3d5d17fa69e967815e01e25b8a2d964c9c18 100644
Binary files a/tools/itssecurity/.vs/itssecurity/v16/.suo and b/tools/itssecurity/.vs/itssecurity/v16/.suo differ
diff --git a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db
index f9b0fbb04a7643f81d5614330fcc9154aecdd9e2..5fcad48e5de772d58cd4fbc44d3f3add9f540aaf 100644
Binary files a/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Browse.VC.db differ
diff --git a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db
index f972b53f2b91f51665eb5f8ae34b543132fec5c3..97fcabf63ea5e730a9661674c184a875595fc3f0 100644
Binary files a/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db and b/tools/itssecurity/.vs/itssecurity/v16/Solution.VC.db differ
diff --git a/ttcn/AtsPki/ItsPki_TestCases.ttcn b/ttcn/AtsPki/ItsPki_TestCases.ttcn
index c4ee24f3d3a0b417bf0d2789267fb603fcd43069..7c0a5dca42850ba569daaeca4bc6e4be28e10d37 100644
--- a/ttcn/AtsPki/ItsPki_TestCases.ttcn
+++ b/ttcn/AtsPki/ItsPki_TestCases.ttcn
@@ -156,6 +156,7 @@ module ItsPki_TestCases {
in Headers p_headers,
in EtsiTs103097Certificate p_ec_certificate,
out InnerAtRequest p_inner_at_request,
+ out InnerAtResponse p_inner_at_response,
out HttpMessage p_response,
out integer p_result,
in template octetstring p_its_id := PICS_ITS_S_CANONICAL_ID,
@@ -166,7 +167,6 @@ module ItsPki_TestCases {
var EtsiTs102941Data v_etsi_ts_102941_data;
var Oct16 v_request_hash;
var Oct16 v_aes_enc_key;
- var InnerAtResponse v_inner_at_response;
var template (value) HttpMessage v_response;
log(">>> f_verify_http_at_request_from_iut_itss:", p_request);
@@ -183,14 +183,14 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: matching: ", match(v_etsi_ts_102941_data.content, mw_authorizationRequest(mw_innerAtRequest))); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(v_etsi_ts_102941_data.content, mw_authorizationRequest(mw_innerAtRequest)) == false) {
// Send error message
- f_http_build_authorization_response(-, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(-, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
// Set verdict
p_result := -2;
} else {
// Extract InnerAtRequest and Verify signature of mw_innerATRequestSignedForPop
if (f_verify_inner_at_request_signed_for_pop(v_etsi_ts_102941_data, p_ec_certificate, p_inner_at_request) == false) {
// Send error message
- f_http_build_authorization_response(p_inner_at_request, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(p_inner_at_request, its_aa_cantparse, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -3;
@@ -198,7 +198,7 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: match ", match(p_inner_at_request, mw_innerAtRequest(mw_publicKeys, -, mw_shared_at_request, mw_ec_signature))); // TODO In TITAN, this is the only way to get the unmatching in log
if (match(p_inner_at_request, mw_innerAtRequest(mw_publicKeys, -, mw_shared_at_request, mw_ec_signature)) == false) { // TODO To be refined
// Send error message: No enrolment request
- f_http_build_authorization_response(p_inner_at_request, its_aa_badcontenttype, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(p_inner_at_request, its_aa_badcontenttype, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -4;
@@ -226,7 +226,7 @@ module ItsPki_TestCases {
log("f_verify_http_at_request_from_iut_itss: matching: ", match(p_inner_at_request.sharedAtRequest.keyTag, v_key_tag));
if (match(p_inner_at_request.sharedAtRequest.keyTag, v_key_tag) == false) {
// Send error message: No enrolment request
- f_http_build_authorization_response(p_inner_at_request, its_aa_keysdontmatch, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(p_inner_at_request, its_aa_keysdontmatch, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
p_result := -5;
@@ -235,10 +235,10 @@ module ItsPki_TestCases {
// Send OK message
log("f_verify_http_at_request_from_iut_itss: Receive ", p_inner_at_request);
if (p_force_response_code == ok) {
- f_http_build_authorization_response(p_inner_at_request, ok, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(p_inner_at_request, ok, v_request_hash, vc_eaPrivateKey, vc_eaWholeHash, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
} else {
log("f_verify_http_at_request_from_iut_itss: Succeed built force error code ", p_force_response_code);
- f_http_build_authorization_response(p_inner_at_request, p_force_response_code, v_request_hash, -, -, v_aes_enc_key, v_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
+ f_http_build_authorization_response(p_inner_at_request, p_force_response_code, v_request_hash, -, -, v_aes_enc_key, p_inner_at_response, v_ieee1609dot2_signed_and_encrypted_data);
}
v_response := m_http_response(m_http_response_ok(m_http_message_body_binary(m_binary_body_ieee1609dot2_data(v_ieee1609dot2_signed_and_encrypted_data)), p_headers));
// Set verdict
@@ -1742,6 +1742,8 @@ module ItsPki_TestCases {
// Local variables
var HashedId8 v_certificate_digest;
var EtsiTs103097Certificate v_certificate;
+ var InfoPortData v_info_port_data;
+ var boolean v_start_awaiting := false;
// Test component configuration
vc_hashedId8ToBeUsed := PX_IUT_DEFAULT_CERTIFICATE;
@@ -1769,9 +1771,21 @@ module ItsPki_TestCases {
f_sendUtTriggerAuthorizationRequestPrimitive();
tc_ac.start;
alt {
- [] geoNetworkingPort.receive { // FIXME Wait for new AT certificate
- log("*** " & testcasename() & ": PASS: IUT started to send CAM using new AT certificate ***");
- f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
+ [v_start_awaiting == true] a_await_cam_with_current_cert(
+ v_info_port_data.hashed_id8,
+ v_info_port_data.at_certificate
+ ) {
+ log("*** " & testcasename() & ": PASS: IUT started to send CA message using new AT certificate ***");
+ f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
+ }
+ [] geoNetworkingPort.receive {
+ log("*** " & testcasename() & ": FAIL: IUT started to send CA message using wrong AT certificate ***");
+ f_selfOrClientSyncAndVerdict(c_tbDone, e_error);
+ }
+ [] infoPort.receive(InfoPortData:?) -> value v_info_port_data {
+ log("*** " & testcasename() & ": INFO: Received new AT certificate ***");
+ v_start_awaiting := true;
+ repeat;
}
[] tc_ac.timeout {
log("*** " & testcasename() & ": PASS: No CA message received ***");
@@ -1827,18 +1841,29 @@ module ItsPki_TestCases {
var HttpMessage v_response;
var integer v_result;
var InnerAtRequest v_inner_at_request;
+ var InnerAtResponse v_inner_at_response;
tc_ac.stop;
// Verify IUT response
- f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_response, v_result);
+ f_verify_http_at_request_from_iut_itss(v_request.request, v_headers, v_inner_ec_response.certificate, v_inner_at_request, v_inner_at_response, v_response, v_result);
// Send response
if (isvalue(v_response)) {
httpPort.send(v_response);
}
// Set verdict
if (v_result == 0) {
+ var octetstring v_msg;
+ var octetstring v_hashed_id8;
+
log("*** " & testcasename() & ": PASS: InnerEcRequest received ***");
+ v_msg := bit2oct(encvalue(v_inner_at_response.certificate));
+ if (ischosen(v_inner_at_response.certificate.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1)) {
+ v_hashed_id8 := f_hashedId8FromSha384(f_hashWithSha384(v_msg));
+ } else {
+ v_hashed_id8 := f_hashedId8FromSha256(f_hashWithSha256(v_msg));
+ }
+ infoPort.send(InfoPortData : { hashed_id8 := v_hashed_id8, at_certificate := v_inner_at_response.certificate });
f_selfOrClientSyncAndVerdict(c_tbDone, e_success);
} else {
log("*** " & testcasename() & ": FAIL: Failed to verify EA an EnrolmentRequestMessage ***");
diff --git a/ttcn/AtsSecurity/ItsSecurity_Pics.ttcn b/ttcn/AtsSecurity/ItsSecurity_Pics.ttcn
index eed99ab9cef0ecb314e380bc3bc12476574fc104..bfae4f1b210fa349fbd08fe5f5b2e63f89cf678e 100644
--- a/ttcn/AtsSecurity/ItsSecurity_Pics.ttcn
+++ b/ttcn/AtsSecurity/ItsSecurity_Pics.ttcn
@@ -19,7 +19,6 @@ module ItsSecurity_Pics {
// LibItsSecurity
import from LibItsSecurity_TypesAndValues all;
- // TODO To be removed
type record certificates_foi {
charstring certificate_id,
HashAlgorithm hashAlgorithm,
@@ -33,7 +32,7 @@ module ItsSecurity_Pics {
{ cc_iutCert_A, sha256, '39CF4DF85C18EBA5'O, 'EFEB473043DD2B88'O, omit }, // CERT_IUT_A_AT
{ cc_iutCert_A_B, sha256, 'F437DE395A471B0A'O, 'FE18C80573BD41A5'O, omit }, // CERT_IUT_A_B_AT
{ cc_iutCert_A_B3, sha256, 'F437DE395A471B0A'O, '623F3CE451FA1A04'O, omit }, // CERT_IUT_A_B3_AT
- { cc_iutCert_B, sha256, '39CF4DF85C18EBA5'O, 'E9DAF8626F52D687'O, { circularRegion := { center := {436169490, 70533080}, radius := 5000 } } }, // CERT_IUT_B_AT
+ { cc_iutCert_B, sha256, '39CF4DF85C18EBA5'O, 'E9DAF8626F52D687'O, { circularRegion := { center := {436169490, 70533080}, radius := 5000 } } }, // CERT_IUT_A_B_AT
{ cc_iutCert_C, sha256, '39CF4DF85C18EBA5'O, '46C778C826B25328'O, { rectangularRegion := { { northWest := { latitude := 436618657, longitude := 70083912 }, southEast := { latitude := 435720322, longitude := 70982247 } } } } }, // CERT_IUT_C_AT
{ cc_taCert_A1, sha256, '39CF4DF85C18EBA5'O, '01063FEF92C015BB'O, omit }, // CERT_IUT_A1_AT
diff --git a/ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn b/ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn
index 3d5b5328e4e84016553ca848dadab92d83ac1f31..f0e6d8f36935cd63900e50bc021b5299dd64cc20 100644
--- a/ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn
+++ b/ttcn/AtsSecurity/ItsSecurity_TestCases.ttcn
@@ -6712,438 +6712,6 @@ module ItsSecurity_TestCases {
} // End of group genericSignedMessageProfile
- /**
- * @desc Sending behaviour test cases for certificates profile
- * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.7 Encrypted messages profile
- */
- group encryptedMessagesProfile {
-
- /**
- * @desc Check that the IUT can generate encrypted message.
- *
- * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_ENCRYPTION_SUPPORT
- * Config Id: CF01
- * Initial conditions:
- * with {
- * the IUT is authorized with AT certificate (CERT_IUT_A_AT)
- * }
- * Expected behaviour:
- * ensure that {
- * when {
- * the IUT is requested to send an encrypted message
- * } then {
- * the IUT sends a message of type EtsiTs103097Data
- * containing encryptedData
- * containing recipients
- * containing at least one item of type RecipientInfo
- * }
- * }
- *
- *
- * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_ENC_01_BV
- * @reference ETSI TS 103 097 [1], Clauses 5.3
- */
- testcase TC_SEC_ITSS_SND_ENC_01_BV() runs on ItsGeoNetworking system ItsSecSystem {
-
- // Local variables
-
- // Test control
- if (not(PICS_GN_SECURITY) or not(PICS_SEC_ENCRYPTION_SUPPORT)) {
- log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ENCRYPTION_SUPPORT' required for executing the TC ***");
- stop;
- }
-
- // Test component configuration
- f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
-
- // Test adapter configuration
-
- // Preamble
- f_prNeighbour();
- f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
-
- // Test Body
- tc_ac.start;
- alt {
- [] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- -,
- mw_SymmetricCiphertext_aes128ccm
- ))))) {
- tc_ac.stop;
- log("*** " & testcasename() & ": PASS: IUT sends encrypted data successfully ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- }
- [] tc_ac.timeout {
- log("*** " & testcasename() & ": INCONC: Expected message not received ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
- }
- } // End of 'alt' statement
-
- // Postamble
- f_poNeighbour();
- f_cf01Down();
-
- } // End of testcase TC_SEC_ITSS_SND_ENC_01_BV
-
- /**
- * @desc Check that the IUT can generate encrypted message.
- *
- * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_ENCRYPTION_SUPPORT
- * Config Id: CF01
- * Initial conditions:
- * with {
- * the IUT is authorized with AT certificate (CERT_IUT_A_AT)
- * }
- * Expected behaviour:
- * ensure that {
- * when {
- * the IUT is requested to send an encrypted message
- * } then {
- * the IUT sends a message of type EtsiTs103097Data
- * containing encryptedData
- * }
- * }
- *
- *
- * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_ENC_02_BV
- * @reference IEEE 1609.2 [2] Clause 6.3.31
- */
- testcase TC_SEC_ITSS_SND_ENC_02_BV() runs on ItsGeoNetworking system ItsSecSystem {
-
- // Local variables
- var GeoNetworkingInd v_geoNwInd;
-
- // Test control
- if (not(PICS_GN_SECURITY) or not(PICS_SEC_ENCRYPTION_SUPPORT)) {
- log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ENCRYPTION_SUPPORT' required for executing the TC ***");
- stop;
- }
-
- // Test component configuration
- f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
-
- // Test adapter configuration
-
- // Preamble
- f_prNeighbour();
- f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
-
- // Test Body
- tc_ac.start;
- alt {
- [] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- -,
- mw_SymmetricCiphertext_aes128ccm
- ))))) -> value v_geoNwInd {
- tc_ac.stop;
- if (lengthof(f_getSecuredMessage(v_geoNwInd.msgIn).content.encryptedData.recipients) >= 1) {
- log("*** " & testcasename() & ": PASS: IUT sends encrypted data successfully ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- } else {
- log("*** " & testcasename() & ": FAIL: RecipientInfo list is empty ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
- }
- }
- [] tc_ac.timeout {
- log("*** " & testcasename() & ": INCONC: Expected message not received ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
- }
- } // End of 'alt' statement
-
- // Postamble
- f_poNeighbour();
- f_cf01Down();
-
- } // End of testcase TC_SEC_ITSS_SND_ENC_02_BV
-
- /**
- * @desc Check that the IUT can generate encrypted message.
- *
- * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_ENCRYPTION_SUPPORT
- * Config Id: CF01
- * Initial conditions:
- * with {
- * the IUT is authorized with AT certificate (CERT_IUT_A_AT)
- * }
- * Expected behaviour:
- * ensure that {
- * when {
- * the IUT is requested to send an encrypted message
- * } then {
- * the IUT sends a message of type EtsiTs103097Data
- * containing encryptedData
- * }
- * }
- *
- *
- * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_ENC_03_BV
- * @reference IEEE 1609.2 [2] Clause 6.3.31
- */
- testcase TC_SEC_ITSS_SND_ENC_03_BV() runs on ItsGeoNetworking system ItsSecSystem {
-
- // Local variables
- var GeoNetworkingInd v_geoNwInd;
-
- // Test control
- if (not(PICS_GN_SECURITY) or not(PICS_SEC_ENCRYPTION_SUPPORT)) {
- log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ENCRYPTION_SUPPORT' required for executing the TC ***");
- stop;
- }
-
- // Test component configuration
- f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
-
- // Test adapter configuration
-
- // Preamble
- f_prNeighbour();
- f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
-
- // Test Body
- tc_ac.start;
- alt {
- [PICS_SEC_NIST_P256 == true] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- {
- mw_recipientInfo_certRecipInfo(
- mw_pKRecipientInfo(
- -,
- mw_encryptedDataEncryptionKey_eciesNistP256(
- mw_evciesP256EncryptedKey
- )
- )
- )
- },
- mw_SymmetricCiphertext_aes128ccm
- ))))) -> value v_geoNwInd {
- tc_ac.stop;
- log("*** " & testcasename() & ": PASS: IUT sends encrypted data successfully ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- }
- [PICS_SEC_BRAINPOOL_P256R1 == true] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- {
- mw_recipientInfo_certRecipInfo(
- mw_pKRecipientInfo(
- -,
- mw_encryptedDataEncryptionKey_eciesBrainpoolP256r1(
- mw_evciesP256EncryptedKey
- )
- )
- )
- },
- mw_SymmetricCiphertext_aes128ccm
- ))))) -> value v_geoNwInd {
- tc_ac.stop;
- log("*** " & testcasename() & ": PASS: IUT sends encrypted data successfully ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- }
- [] tc_ac.timeout {
- log("*** " & testcasename() & ": INCONC: Expected message not received ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
- }
- } // End of 'alt' statement
-
- // Postamble
- f_poNeighbour();
- f_cf01Down();
-
- } // End of testcase TC_SEC_ITSS_SND_ENC_03_BV
-
- /**
- * @desc Check that the ciphertext of encrypted message contains encrypted EtsiTs103097Data structure.
- *
- * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_ENCRYPTION_SUPPORT
- * Config Id: CF01
- * Initial conditions:
- * with {
- * the IUT is authorized with AT certificate (CERT_IUT_A_AT)
- * }
- * Expected behaviour:
- * ensure that {
- * when {
- * the IUT is requested to send an encrypted message
- * } then {
- * the IUT sends a message of type EtsiTs103097Data
- * containing encryptedData
- * containing ciphertext
- * containing encrypted data
- * containing COER encoded data
- * containing structure of type EtsiTs103097Data
- * }
- * }
- *
- *
- * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_ENC_04_BV
- * @reference IEEE 1609.2 [2], clauses 6.3.31
- * @reference ETSI TS 103 097 [1] Clause 7.1.4
- */
- testcase TC_SEC_ITSS_SND_ENC_04_BV() runs on ItsGeoNetworking system ItsSecSystem {
-
- // Local variables
- var Oct16 v_aes_sym_enc_key;
- var EtsiTs103097Data v_decryptedMsg;
- var GeoNetworkingInd v_geoNwInd;
-
- // Test control
- if (not(PICS_GN_SECURITY) or not(PICS_SEC_ENCRYPTION_SUPPORT)) {
- log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ENCRYPTION_SUPPORT' required for executing the TC ***");
- stop;
- }
-
- // Test component configuration
- f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
-
- // Test adapter configuration
-
- // Preamble
- f_prNeighbour();
- f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
-
- // Test Body
- tc_ac.start;
- alt {
- [] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- -,
- mw_SymmetricCiphertext_aes128ccm(
- mw_aesCcmCiphertext
- )))))) -> value v_geoNwInd {
- tc_ac.stop;
-
- if (f_decrypt(vc_encryptPrivateKey, f_getSecuredMessage(v_geoNwInd.msgIn), ''O, v_decryptedMsg, v_aes_sym_enc_key) == false) { // No salt value
- log("*** " & testcasename() & ": FAIL: Unable to process encryption data ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
- } else if (match(v_decryptedMsg, mw_etsiTs103097Data) == false) {
- log("*** " & testcasename() & ": FAIL: Unable to parse EtsiTs103097Data data ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
- } else {
- log("*** " & testcasename() & ": PASS: IUT sends signed and encrypted message ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- }
- }
- [] tc_ac.timeout {
- log("*** " & testcasename() & ": INCONC: Expected message not received ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
- }
- } // End of 'alt' statement
-
- // Postamble
- f_poNeighbour();
- f_cf01Down();
-
- } // End of testcase TC_SEC_ITSS_SND_ENC_04_BV
-
- /**
- * @desc Check that when the IUT sends SignedAndEncrypted message then it sends the
- * EtsiTs103097Data-Encrypted message containing the EtsiTs103097Data-Signed
- * structure as the ToBeSignedDataContent.
- *
- * Pics Selection: PICS_GN_SECURITY AND PICS_SEC_ENCRYPTION_SUPPORT
- * Config Id: CF01
- * Initial conditions:
- * with {
- * the IUT is authorized with AT certificate (CERT_IUT_A_AT)
- * }
- * Expected behaviour:
- * ensure that {
- * when {
- * the IUT is requested to send an encrypted and signed message
- * } then {
- * the IUT sends a message of type EtsiTs103097Data
- * containing encryptedData
- * containing ciphertext
- * containing encrypted data
- * containing COER encoded data
- * containing structure of type EtsiTs103097Data
- * containing signedData
- * }
- * }
- *
- *
- * @see ETSI TS 103 096-2 v1.3.2 TP_SEC_ITSS_SND_ENC_05_BV
- * @reference IEEE 1609.2 [2], clauses 6.3.31
- * @reference ETSI TS 103 097 [1] Clause 7.1.5
- */
- testcase TC_SEC_ITSS_SND_ENC_05_BV() runs on ItsGeoNetworking system ItsSecSystem {
-
- // Local variables
- var Oct16 v_aes_sym_enc_key;
- var EtsiTs103097Data v_decryptedMsg;
- var GeoNetworkingInd v_geoNwInd;
-
- // Test control
- if (not(PICS_GN_SECURITY) or not(PICS_SEC_ENCRYPTION_SUPPORT)) {
- log("*** " & testcasename() & ":ERROR: 'PICS_GN_SECURITY and PICS_SEC_ENCRYPTION_SUPPORT' required for executing the TC ***");
- stop;
- }
-
- // Test component configuration
- f_cf01Up(); // Initialise IUT with CERT_IUT_A_AT signed with CERT_IUT_A_AA
-
- // Test adapter configuration
-
- // Preamble
- f_prNeighbour();
- f_selfOrClientSyncAndVerdictPreamble(c_prDone, e_success);
-
- // Test Body
- tc_ac.start;
- alt {
- [] geoNetworkingPort.receive(
- mw_geoNwInd(
- mw_geoNwSecPdu(
- mw_etsiTs103097Data_encrypted(
- mw_encryptedData(
- -,
- mw_SymmetricCiphertext_aes128ccm(
- mw_aesCcmCiphertext
- )))))) -> value v_geoNwInd {
- tc_ac.stop;
-
- if (f_decrypt(vc_encryptPrivateKey, f_getSecuredMessage(v_geoNwInd.msgIn), ''O, v_decryptedMsg, v_aes_sym_enc_key) == false) { // No salt value
- log("*** " & testcasename() & ": FAIL: Unable to process encryption data ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
- } else if (match(v_decryptedMsg, mw_etsiTs103097Data_signed) == false) {
- log("*** " & testcasename() & ": FAIL: Unable to parse signed data ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_error);
- } else {
- // TODO Check signature?
- log("*** " & testcasename() & ": PASS: IUT sends signed and encrypted message ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_success);
- }
- }
- [] tc_ac.timeout {
- log("*** " & testcasename() & ": INCONC: Expected message not received ***");
- f_selfOrClientSyncAndVerdictTestBody(c_tbDone, e_timeout);
- }
- } // End of 'alt' statement
-
- // Postamble
- f_poNeighbour();
- f_cf01Down();
-
- } // End of testcase TC_SEC_ITSS_SND_ENC_05_BV
-
- } // End of group encryptedMessagesProfile
-
/**
* @desc Sending behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.8 Profiles for certificates
diff --git a/ttcn/AtsSecurity/ItsSecurity_TestControl.ttcn b/ttcn/AtsSecurity/ItsSecurity_TestControl.ttcn
index db34b6af12cd0197c247da3d5019acdfa650c8dd..9b531ee0cd03ec0d3534f6a2e0e70d3d94d126ea 100644
--- a/ttcn/AtsSecurity/ItsSecurity_TestControl.ttcn
+++ b/ttcn/AtsSecurity/ItsSecurity_TestControl.ttcn
@@ -97,18 +97,6 @@ module ItsSecurity_TestControl {
execute(TC_SEC_ITSS_SND_GENMSG_07_BV());
execute(TC_SEC_ITSS_SND_GENMSG_08_BV());
- /**
- * @desc Sending behaviour test cases for certificates profile
- * @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.7 Encrypted messages profile
- */
- if (PICS_SEC_ENCRYPTION_SUPPORT) {
- execute(TC_SEC_ITSS_SND_ENC_01_BV());
- execute(TC_SEC_ITSS_SND_ENC_02_BV());
- execute(TC_SEC_ITSS_SND_ENC_03_BV());
- execute(TC_SEC_ITSS_SND_ENC_04_BV());
- execute(TC_SEC_ITSS_SND_ENC_05_BV());
- }
-
/**
* @desc Sending behaviour test cases for certificates profile
* @see ETSI TS 103 096-2 V1.3.32 (2018-01) Clause 5.2.8 Profiles for certificates
diff --git a/ttcn/LibIts b/ttcn/LibIts
index ee2c278910c882b90b8fbea6bee5be70ec92aa83..0181ca54a8bcae4214b6aba217dff20f2035504e 160000
--- a/ttcn/LibIts
+++ b/ttcn/LibIts
@@ -1 +1 @@
-Subproject commit ee2c278910c882b90b8fbea6bee5be70ec92aa83
+Subproject commit 0181ca54a8bcae4214b6aba217dff20f2035504e